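<?php ob_start();
session_start(); // resume the caller's existing session
// Access gate: only sessions flagged as "registered" may use this admin page.
if (isset($_SESSION["is_registered"]) && $_SESSION["is_registered"] == "registered") {
	$enregistrer = $_SESSION["is_registered"];
} else {
	header("location:../../../menu.php"); // send everyone else back to the menu
	// header() only queues a response header; without this exit the rest of the
	// script (including the UPDATE handler further down) would still execute for
	// an unauthenticated request.
	exit;
}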
require_once('../../../Connections/microassur.php');
require_once('../../../utils/fonctions.php');
require_once('../../../include/inc_config.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
/**
 * Turn a raw request value into a fragment that can be placed in a SQL string.
 *
 * The value is first un-slashed when magic quotes are on, then escaped with the
 * legacy mysql extension, and finally quoted or cast according to $theType:
 *   - "text", "date": wrapped in single quotes, or the literal NULL when empty
 *   - "long", "int" : intval() of the value, or the literal NULL when empty
 *   - "double"      : quoted doubleval() of the value, or the literal NULL when empty
 *   - "defined"     : $theDefinedValue when non-empty, otherwise $theNotDefinedValue
 *
 * Security notes for callers:
 *   - mysql_real_escape_string() is called without a link argument, so it relies
 *     on whichever connection the mysql extension treats as current.
 *   - Any other $theType returns the escaped value WITHOUT quotes; escaping alone
 *     does not make an unquoted value safe inside a statement.
 *   - For "defined", the two replacement values are returned verbatim and are
 *     not escaped here.
 *
 * @param mixed  $theValue           raw value to convert
 * @param string $theType            one of the type names listed above
 * @param string $theDefinedValue    result for "defined" when the value is non-empty
 * @param string $theNotDefinedValue result for "defined" when the value is empty
 * @return mixed SQL-ready fragment (string, or int for "long"/"int")
 */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  // Undo magic-quotes slashes first so the value is not escaped twice.
  if (get_magic_quotes_gpc()) {
    $theValue = stripslashes($theValue);
  }

  // Prefer the connection-aware escaper when the extension provides it.
  if (function_exists("mysql_real_escape_string")) {
    $theValue = mysql_real_escape_string($theValue);
  } else {
    $theValue = mysql_escape_string($theValue);
  }

  // Emptiness is judged on the escaped value, with loose comparison as before.
  $hasValue = ($theValue != "");

  if ($theType == "text") {
    return $hasValue ? "'" . $theValue . "'" : "NULL";
  }
  if ($theType == "long" || $theType == "int") {
    return $hasValue ? intval($theValue) : "NULL";
  }
  if ($theType == "double") {
    return $hasValue ? "'" . doubleval($theValue) . "'" : "NULL";
  }
  if ($theType == "date") {
    return $hasValue ? "'" . $theValue . "'" : "NULL";
  }
  if ($theType == "defined") {
    return $hasValue ? $theDefinedValue : $theNotDefinedValue;
  }

  // Unknown type: escaped but unquoted (see the security notes above).
  return $theValue;
}
}

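// Build the URL the edit form posts back to. $editFormAction is echoed as-is
// into the form's action="..." attribute further down, and PHP_SELF contains
// whatever extra path the client appended to the script URL, so it is
// HTML-escaped here before it can reach the page.
$editFormAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
if (isset($_SERVER['QUERY_STRING']) && isset($_GET['Identifiant_habilitation'])) {
  // Keep the record id in the query string so the form reloads the same row;
  // the charset is given explicitly to match the page's UTF-8 declaration.
  $editFormAction .= "?Identifiant_habilitation=" . htmlentities($_GET['Identifiant_habilitation'], ENT_QUOTES, 'UTF-8');
}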
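// Validate a submitted edit before any SQL is built.
//   $bool         overall verdict, read by the update / error-message branches below
//   $iValidUpdate 0 when another row already holds the same (Code_evenement, Identifiant_profil)
// Both are initialised up front: the branches below read them whenever MM_update
// is posted, including when its value is not "form1", and would otherwise work
// on undefined variables.
// NOTE(review): nothing in this block verifies an anti-CSRF token before the
// state-changing POST is accepted; confirm whether the included files do.
$bool = false;
$iValidUpdate = 1;
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1"))
{
    // Field checks come from project helpers that are not visible here; the error
    // messages below suggest they reject forbidden special characters (to be confirmed).
    $bool = verifLibelle1('Code_evenement') && verifLibelle('Libelle_evenement') && verifLibelle('Identifiant_profil');

    // Does the edit change only the label? True when code and profile equal the stored record.
    $oHabilitation = new dataObject_habilitation($_POST['Identifiant_habilitation']);
    $iUpdateLibelle = $oHabilitation->_CODE_EVENEMENT == $_POST['Code_evenement'] && $oHabilitation->_IDENTIFIANT_PROFIL == $_POST['Identifiant_profil'];

    // Code or profile changed: refuse the edit if that pair already exists.
    if (!$iUpdateLibelle)
    {
        $toCriterias = array();
        $toCriterias['Code_evenement'] = $_POST['Code_evenement'];
        $toCriterias['Identifiant_profil'] = $_POST['Identifiant_profil'];
        // presumably the number of matching rows; verify against the helper
        $nums = existeEnregistrement($database_microassur, $microassur, "habilitation", $toCriterias);
        if ($nums >= 1)
        {
            $iValidUpdate = 0;
        }
    }
    $bool = $bool && $iValidUpdate;
}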

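if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1") && $bool ) {
  // Validation passed. Every posted value goes through GetSQLValueString(),
  // which escapes it and quotes or casts it for its column type.
  $updateSQL = sprintf("UPDATE habilitation SET Code_evenement=%s, Libelle_evenement=%s, Identifiant_profil=%s WHERE Identifiant_habilitation=%s",
                       GetSQLValueString($_POST['Code_evenement'], "text"),
                       GetSQLValueString($_POST['Libelle_evenement'], "text"),
                       GetSQLValueString($_POST['Identifiant_profil'], "int"),
                       GetSQLValueString($_POST['Identifiant_habilitation'], "int"));

  mysql_select_db($database_microassur, $microassur);
  // Transaction statements name the same link as the UPDATE so all three
  // run on one connection.
  mysql_query("START TRANSACTION", $microassur);

  // No "or die(mysql_error())" here: it printed raw database errors to the
  // browser and ended the script before the rollback branch could ever run.
  $Result1 = mysql_query($updateSQL, $microassur);

  if ($Result1) {
    mysql_query("commit", $microassur);
    $message = colorer("La modification de l'habilitation est prise en compte","true");
  } else {
    // Keep the technical detail in the server log; read it before the rollback
    // query replaces the connection's last error.
    error_log("habilitation update failed: " . mysql_error($microassur));
    mysql_query("rollback", $microassur);
    $message = colorer("Contacter la DSI, erreur modification habilitation","false");
  }
}
elseif (isset($_POST["MM_update"]) && !$bool) {
  // Validation failed: report the first rule that was broken.
  if (empty($_POST['Code_evenement'])) {
    $message = colorer("Vous devez saisir le code évènement","false");
  } elseif (!verifLibelle1('Code_evenement')) {
    $message = colorer("Le code évènement saisi comporte des caractères spéciaux interdits","false");
  } elseif (empty($_POST['Libelle_evenement'])) {
    $message = colorer("Vous devez saisir le libellé évènement","false");
  } elseif (!verifLibelle('Libelle_evenement')) {
    $message = colorer("Le libellé évènement saisi comporte des caractères spéciaux interdits","false");
  } elseif (!$iValidUpdate) {
    $message = colorer("Cette habilitation existe déjà pour ce profil", "false");
  } else {
    $message = "";
  }
}
elseif ((isset($_POST["MM_update"])))
{
    // NOTE(review): this looks unreachable, since $bool is only assigned when
    // MM_update equals "form1" and the first branch then handles a true $bool.
    $message = colorer("Cette habilitation existe déjà pour ce profil", "false");
}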

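// Load the habilitation being edited. "-1" is the fallback id used when the
// request names no record.
$colname_rs = "-1";
if (isset($_GET['Identifiant_habilitation'])) {
  $colname_rs = $_GET['Identifiant_habilitation'];
}
mysql_select_db($database_microassur, $microassur);
// The id is passed through GetSQLValueString(..., "int"), which reduces it to an integer or NULL.
$query_rs = sprintf("SELECT * FROM habilitation WHERE Identifiant_habilitation = %s", GetSQLValueString($colname_rs, "int"));
$rs = mysql_query($query_rs, $microassur);
if (!$rs) {
  // Log the database error server-side instead of printing it to the visitor.
  error_log("habilitation lookup failed: " . mysql_error($microassur));
  die("Erreur interne, contacter la DSI");
}
$row_rs = mysql_fetch_assoc($rs);
$totalRows_rs = mysql_num_rows($rs);

// Load every profile for the PROFIL drop-down, ordered by label.
$query_rs_profil = "SELECT * FROM profil ORDER BY Libelle_profil ASC";
$rs_profil = mysql_query($query_rs_profil, $microassur);
if (!$rs_profil) {
  error_log("profil list lookup failed: " . mysql_error($microassur));
  die("Erreur interne, contacter la DSI");
}
$row_rs_profil = mysql_fetch_assoc($rs_profil);
$totalRows_rs_profil = mysql_num_rows($rs_profil);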
?>
<?php
// Banner for the outcome of a deletion, selected by the ?supp= query parameter
// (presumably set by the delete page when it redirects back; confirm against it).
// Only the two fixed values are recognised; the parameter itself is never echoed.
if (isset($_GET['supp'])) {
	if ($_GET['supp'] == 'err') {
		$message = colorer("Contacter la DSI, erreur suppression habilitation","false");
	}
	if ($_GET['supp'] == 'success') {
		$message = colorer("L'habilitation est supprimée","true");
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<meta http-equiv="X-UA-Compatible" content="IE=8" />
			<title><?php echo $titleGen ?></title>
			<link rel="stylesheet" type="text/css" href="../../../css/main.css" />
			<link rel="stylesheet" type="text/css" href="../hab.css.css" />
			<!--[if IE 7]><link rel="stylesheet" type="text/css" href="../../../css/ie7.css" /><![endif]-->
	</head>
<body id="hab1">
			<div id="sf_menu1">
				<h3>Administration</h3>
				<?php
					// Show the status banner, if any. Every assignment to $message in this
					// file is either colorer(...) output or an empty string, so it is printed
					// unescaped (presumably colorer() returns ready-made markup; confirm).
					if (isset($message)) {
						echo $message;
					}
					// Headings reused by the two title bars of the form.
					$nommodule = "Habilitation";
					$nommodule2 = "Détail habilitation";
					?>
			</div>
			<div class="cleared"></div>
			<!-- /*******************************/ -->
	<div class="corps1">
		<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
			<div class="imgleft"></div>
			<div class="imgmiddle">
				<div class="btn"><span class="btnleft"></span><span class="btnmiddle"><h5><?php echo $nommodule; ?></h5></span><span class="btnright"></span></div>
				<div class="btn1"><span class="btnleft"></span><span class="btnmiddle"><h5><?php echo $nommodule2; ?></h5></span><span class="btnright"></span></div>
					<div class="content_tableform">
							  <table>
								<tr>
								  <td>CODE EVENEMENT</td>
								  <td><input class="resize_1" type="text" maxlength="5" name="Code_evenement" value="<?php if(isset($_POST['Code_evenement']))echo remind_text('Code_evenement'); else echo htmlentities($row_rs['Code_evenement'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
								</tr>
								<tr>
								  <td>LIBELLE EVENEMENT</td>
								  <td><input type="text" name="Libelle_evenement" value="<?php if(isset($_POST['Libelle_evenement']))echo remind_text('Libelle_evenement'); else echo  htmlentities($row_rs['Libelle_evenement'], ENT_COMPAT, 'utf-8'); ?>" size="32"  maxlength="30"/></td>
								</tr>
								<tr>
								  <td>PROFIL</td>
								  <td><select class="ha" name="Identifiant_profil">
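									<?php
							// One <option> per profile row. Id and label come from the profil table
							// and are HTML-escaped before output, so a stored label containing
							// markup cannot inject script into this admin page.
							do {
								$sProfilId = htmlspecialchars($row_rs_profil['Identifiant_profil'], ENT_QUOTES, 'UTF-8');
								$sProfilLibelle = htmlspecialchars($row_rs_profil['Libelle_profil'], ENT_QUOTES, 'UTF-8');
								// Pre-select the profile stored on the habilitation being edited.
								$bSelected = !(strcmp($row_rs_profil['Identifiant_profil'], htmlentities($row_rs['Identifiant_profil'], ENT_COMPAT, 'utf-8')));
							?>
									<option value="<?php echo $sProfilId; ?>"<?php if ($bSelected) {echo " selected=\"selected\"";} ?>><?php echo $sProfilLibelle; ?></option>
									<?php
							} while ($row_rs_profil = mysql_fetch_assoc($rs_profil));
							  // Rewind the result set so later code can read the profiles again.
							  $rows = mysql_num_rows($rs_profil);
							  if($rows > 0) {
								  mysql_data_seek($rs_profil, 0);
								  $row_rs_profil = mysql_fetch_assoc($rs_profil);
							  }
							?>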
								  </select>
								  </td>
								</tr>
							  </table>
					</div>
			</div>
			<div class="imgright"></div>				
				<div class="cleared"></div>
				
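					<div class="bt1"><a href="./index.php"><span class="btleft"></span><span class="btmiddle">Retour</span><span class="btright"></span></a></div>
					<?php /* NOTE(review): deletion is triggered by a plain GET link; supphabilitation.php is not visible here, so confirm it checks the session and an anti-CSRF token before deleting. The record id is URL-encoded in the link and HTML-escaped in the hidden field so it cannot break out of either attribute. */ ?>
					<div class="bt"><a <?php if(isset($row_rs['Identifiant_habilitation'])){ ?> href="supphabilitation.php?Identifiant_habilitation=<?php echo rawurlencode($row_rs['Identifiant_habilitation']); ?>" <?php } else echo 'href="#"';?>><span class="btleft"></span><span class="btmiddle">Supprimer</span><span class="btright"></span></a></div>
					<div class="bt"><span class="btleft"></span><input <?php if(retourValForm('Identifiant_habilitation')==NULL || retourValForm('supp')=='success') echo "disabled='disabled'"; ?> type="submit" name="Modifier" value="Modifier" class="resizeall btmiddle"/><span class="btright"></span></div>
					
			<div class="cleared"></div>
				
			<input type="hidden" name="Identifiant_habilitation" value="<?php echo htmlspecialchars($row_rs['Identifiant_habilitation'], ENT_QUOTES, 'UTF-8'); ?>" />
			<input type="hidden" name="MM_update" value="form1" />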
		</form>
	</div>
</body>
</html><?php ob_end_flush();?>
<?php
// Release both result sets (the edited record and the profile list) now that
// the page has been rendered.
foreach (array($rs, $rs_profil) as $resultSet) {
	mysql_free_result($resultSet);
}
?>
